<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Session Management</title>
</head>
<body bgcolor="#ffffff">
	<h1>Session Management</h1>
	<p>
		ZAP handles multiple types of session management (called <b>Session
			Management Methods</b>) that can be used for websites / webapps. Each <b><a
			href="contexts.html">Context</a></b> has a Session Management
		Method defined which dictates how sessions are kept.
	</p>

	<p>So far, just cookie based and HTTP authentication session management methods have been
		implemented, but the system supports easy addition of new methods,
		according to user needs.</p>

	<h3>
		<a name="cbsm">Cookie-Based Session Management</a>
	</h3>
	<p>
		In the case of this method the session is being tracked through
		cookies. Currently, the session tokens that are used are imported from
		the <a href="httpsessions.html">HTTP Sessions</a> Extension.
	</p>

	<h3>
		<a name="hasm">HTTP Authentication Session Management</a>
	</h3>
	<p>
		In the case of this method the session is managed with HTTP request header <code>Authorization</code>.
	</p>

	<h2>Configured via</h2>
	<table>
		<tr>
			<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
			<td><a href="../../ui/dialogs/session/contexts.html#sm">Session
					Contexts Dialog</a></td>
			<td></td>
		</tr>
	</table>

	<h2>See also</h2>
	<table>
		<tr>
			<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
			<td><a href="https://youtu.be/cR4gw-cPZOA">Youtube tutorial</a></td>
			<td>of the Authentication, Session Management and Users Management features of ZAP [external link to https://youtu.be/cR4gw-cPZOA].</td>
		</tr>
		<tr>
			<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
			<td><a href="../../ui/overview.html">UI Overview</a></td>
			<td>for an overview of the user interface</td>
		</tr>
		<tr>
			<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
			<td><a href="concepts.html">Features</a></td>
			<td>provided by ZAP</td>
		</tr>
		<tr>
			<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
			<td><a href="../../ui/dialogs/session/contexts.html">Session
					Contexts Dialog</a></td>
			<td>for an overview of the Session Properties</td>
		</tr>

	</table>

</body>
</html>
